Cyber Attacks
Common Attack Methods, Techniques and Preventions
Alteration Attack
• Occurs when unauthorized modifications affect the integrity of the data or code
• Example: Unauthorized alteration of binary code during development or addition of unauthorized libraries during recompilation of existing programs
• Defense: Cryptographic hash
• Why do we need to know this?
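The cryptographic-hash defense can be shown with a build manifest. This is an added example, not part of the original slides; the file names and contents are constructed, and SHA-256 is an assumed choice of hash.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large binaries are not loaded whole."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_manifest(root: Path) -> dict:
    """Map each file path (relative to root) to its SHA-256 digest."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def verify(root: Path, trusted: dict) -> dict:
    """Compare the tree against a trusted manifest taken at release time."""
    current = build_manifest(root)
    return {
        # same name, different digest: binary altered after it was recorded
        "modified": sorted(n for n in trusted
                           if n in current and current[n] != trusted[n]),
        # not in the manifest: e.g. a library added during recompilation
        "added": sorted(n for n in current if n not in trusted),
        "missing": sorted(n for n in trusted if n not in current),
    }

def demo() -> dict:
    # Constructed build tree: one binary and one approved library.
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "lib").mkdir()
        (root / "app.bin").write_bytes(b"\x7fELF original build")
        (root / "lib" / "crypto.so").write_bytes(b"approved library")
        trusted = build_manifest(root)
        # Simulate the two alterations named on the slide.
        (root / "app.bin").write_bytes(b"\x7fELF original build + patch")
        (root / "lib" / "extra.so").write_bytes(b"unapproved library")
        return verify(root, trusted)

if __name__ == "__main__":
    print(demo())
```

The check is only as trustworthy as the manifest, so the manifest has to be signed or stored where the build environment cannot rewrite it.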
Dictionary Attack, Brute Force Attack
• Used to break passwords
• Dictionary Attack: Tries hundreds, sometimes millions, of likely possibilities, such as words in a dictionary.
• Brute Force Attack: Systematically checking all possible keys
• Reverse Brute Force Attack: same password but different user names
➢ Countermeasures: CAPTCHA, strong passwords, locking after unsuccessful attempts, disallowing common passwords
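Locking after unsuccessful attempts stops a brute force attack on one account, but a reverse brute force attack produces only one failure per account, so it has to be detected per source instead. The sketch below is an added example, not from the original slides; the thresholds, event format and addresses are assumptions, and the log lines are constructed.

```python
from collections import defaultdict

MAX_FAILURES = 5   # assumed: failures on one account before lockout
SPRAY_USERS = 4    # assumed: distinct accounts failed from one source
WINDOW = 300       # assumed: sliding window in seconds

# Constructed events: (unix_time, source_ip, username, success)
EVENTS = (
    # brute force: many guesses against a single account
    [(t * 10, "203.0.113.7", "alice", False) for t in range(6)]
    # reverse brute force: one guess each against many accounts
    + [(100 + i * 10, "198.51.100.9", u, False)
       for i, u in enumerate(["bob", "carol", "dave", "erin", "frank"])]
    # ordinary user who mistypes once and then logs in
    + [(190, "192.0.2.10", "bob", False), (200, "192.0.2.10", "bob", True)]
)

def analyze(events):
    """Return (accounts to lock, sources trying many accounts)."""
    fails_by_user = defaultdict(list)   # username -> recent failure times
    users_by_src = defaultdict(dict)    # source -> {username: last failure}
    locked, spraying = set(), set()
    for ts, src, user, ok in sorted(events):
        if ok:
            fails_by_user[user].clear()  # a successful login resets the count
            continue
        recent = [t for t in fails_by_user[user] if ts - t <= WINDOW] + [ts]
        fails_by_user[user] = recent
        if len(recent) >= MAX_FAILURES:
            locked.add(user)
        seen = users_by_src[src]
        seen[user] = ts
        for stale in [u for u, t in seen.items() if ts - t > WINDOW]:
            del seen[stale]              # forget failures outside the window
        if len(seen) >= SPRAY_USERS:
            spraying.add(src)
    return sorted(locked), sorted(spraying)

if __name__ == "__main__":
    print(analyze(EVENTS))
```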
Denial of Service (DoS) Attack
• DoS Attack: Efforts to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.
• Examples: ICMP Flood (Smurf Attack), Teardrop Attack, Peer-to-peer attack, PDoS, Application Level Flood Attack (Brute Force Attack, Banana Attack), Nuke, DDoS, Unintentional Attack
➢ Handling: Firewalls, Switches, Routers, Application Front End hardware, IPS Based Prevention, DDS Based Defense, Blackholing and Sinkholing, Clean Pipes
Eavesdropping
• Eavesdropping is the act of secretly listening to the private conversation of others without their consent.
• Programs such as Carnivore and NarusInsight have been used by the FBI and NSA to eavesdrop on the systems of internet service providers
➢ Countermeasures: Encryption, Updated Security Tools on your computer
E-mail Bombarding, Spamming, Spoofing
• Email Bombarding: Abusers repeatedly send an identical email message to a particular address.
• Email Spamming: A form of email bombing that refers to sending email to thousands of users; if any user responds to any of those emails, the response is redirected to all of the recipients.
• Email Spoofing: The user gets an email claiming that the administrator wants to update the email system and needs the old ID and password; the attacker thus collects confidential information by impersonating the users.
➢ What can you do to address this? Discuss
Malicious Codes
• Malicious code is the term used to describe any code in any part of a software system or script that is intended to cause undesired effects, security breaches or damage to a system
• Trojan horses: These are programs disguised as useful programs such as OS patches, but once executed they can open ports and pass confidential information to the intruder
• Logic Bomb: A program that is triggered when a certain condition, time, or event occurs
• Trap Doors: An undocumented way of gaining access to a program, online service or an entire computer system. The backdoor is written by the programmer who creates the code. It is often only known by the programmer. A backdoor is a potential security risk.
➢ Precautions: Updated Security Software such as Antivirus, System File Checker, etc.
Man-in-the-middle Attack
• Man-in-the-middle Attack: The attacker actively establishes connections to two devices
• The attacker connects to both devices and pretends to each of them to be the other device
➢ Defenses: Public Key Infrastructures (verified by CA), Stronger Mutual Authentication
Masquerading
• Masquerading: The intruder presents an identity other than the original one and tries to gain access to sensitive data/network. Such impersonation can break both user-level and machine-level security.
• IP Spoofing – a forged IP address is presented
• Legitimate use of IP spoofing – During performance testing
➢ Defenses: Network layer Firewalls or Packet Filters
Network Analysis
• A replay attack is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquerade attack by IP packet substitution
• The intruder passively captures a stream of data packets as it moves along an unprotected or vulnerable network
➢ Countermeasures: Session Token, One-time passwords, MAC, Timestamping
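How a MAC, a timestamp and a one-time value combine against replay is shown below as an added example that is not part of the original slides. The message layout, the 30-second window and the per-message nonce (standing in for the session token / one-time value) are assumptions, and the key and payload are constructed.

```python
import hashlib
import hmac
import json
import os

KEY = os.urandom(32)   # shared secret, generated here only for the demo
MAX_SKEW = 30          # assumed: seconds a message stays acceptable

def _mac(fields: dict) -> str:
    body = json.dumps(fields, sort_keys=True).encode()
    return hmac.new(KEY, body, hashlib.sha256).hexdigest()

def sign(payload: dict, now: float) -> dict:
    """Sender: bind payload, timestamp and a fresh nonce under one MAC."""
    msg = {"payload": payload, "ts": int(now), "nonce": os.urandom(16).hex()}
    msg["mac"] = _mac(msg)
    return msg

class Receiver:
    def __init__(self):
        self.seen = {}  # nonce -> timestamp, kept only while still acceptable

    def accept(self, msg: dict, now: float) -> str:
        fields = {k: msg.get(k) for k in ("payload", "ts", "nonce")}
        if not hmac.compare_digest(_mac(fields), str(msg.get("mac", ""))):
            return "bad-mac"   # altered in transit or forged
        if abs(now - msg["ts"]) > MAX_SKEW:
            return "stale"     # timestamp check bounds how long nonces are kept
        self.seen = {n: t for n, t in self.seen.items()
                     if now - t <= MAX_SKEW}
        if msg["nonce"] in self.seen:
            return "replay"    # valid MAC, but this exact message was used
        self.seen[msg["nonce"]] = msg["ts"]
        return "ok"

def demo() -> list:
    rx, t0 = Receiver(), 1_700_000_000
    m = sign({"action": "transfer", "amount": 100}, t0)
    tampered = dict(m, payload={"action": "transfer", "amount": 9999})
    return [rx.accept(m, t0 + 1),         # first delivery
            rx.accept(m, t0 + 2),         # captured and resent in the window
            rx.accept(m, t0 + 120),       # resent after the window
            rx.accept(tampered, t0 + 3)]  # payload changed, MAC unchanged

if __name__ == "__main__":
    print(demo())
```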
Phishing
• Phishing: The intruder tries to collect users' confidential information like Password, ID, Credit Card details etc. by pretending to be a trustworthy entity.
• Techniques include: Pharming, Social Engineering, Link manipulation, Web site forgery.
• Pharming has become a major concern to businesses hosting e-commerce and to online banking websites.
➢ Defense: Anti-pharming measures, Security awareness programs
Spam
• Also known as unsolicited commercial email or junk email
• Spam causes inconvenience and has severe impacts on productivity
• When spam is responded to, the email address of the recipient is validated and gives away information
➢ Defense: Spam Filters, greylisting, Security Awareness
Unauthorized Access through the Internet or WWW
• Many Internet software packages contain vulnerabilities that render systems subject to attack
• Examples are: Client-side execution of scripts, E-mail forgery, Telnet passwords transmitted in the clear, etc.
➢ Prevention: Security Testing, Auditing
War Chalking, Driving, and Walking
• War Chalking: Marking a series of symbols on sidewalks and walls to indicate nearby wireless access points
• War Driving: The practice of driving around a block or neighborhood while scanning for wireless network names
• War Walking: Similar to War Driving, but a vehicle is not used
➢ Preventions: Wi-Fi Security
Countermeasures for Wireless Attacks
• Install a firewall
• Change the administrative password
• Hide the wireless network – do not transmit the SSID of the wireless network
• Use a Secured key: You can use the WPA, WPA-2 key on the Security settings of your Router to protect your wireless network connection
• Use a long WPA Key with lower and uppercase letters, numbers and special characters.
Tips to maintain a virus free PC
• Email is one of the common ways to catch a computer virus. Stay away from SPAM and never click on links that come from untrusted sources. Use good anti-spam software.
• Don't click on pop-up windows, especially if they offer something hard to believe. Use a pop-up blocker.
• For Pen Drives: Scan the drive first. Also never double-click on the drive, but rather right-click and open.
• To avoid visiting malicious websites through search, you can use the AVG link scanner
• Install a good anti-spyware program that operates against Internet malware and spyware
• Install good antivirus software and keep it updated
• Set up your Windows update to automatically download patches and upgrades
• Run a virus scan on any downloaded files
• Stay away from pirated software
Some additional Tips
• Do not use public computers to access sensitive/confidential information
• Always hit the log-out button to close your session rather than abruptly terminating the browser window
• Never share your password with anyone for any reason
• Always type the URL of the website in your web browser's address bar to enter the login pages
Thank You
2 comments:
Nice looking forward
My can USA terms Hacking into your browser window